- Maximum VCPUs per guest
Virtualized guests support up to a maximum of 64 virtualized CPUs in Red Hat Enterprise Linux 6.0.
- Constant TSC bit
Systems without a Constant Time Stamp Counter require additional configuration. Refer to
Chapter 14, KVM guest timing management for details on determining whether you have a Constant Time Stamp Counter and configuration steps for fixing any related issues.
- Memory overcommit
KVM supports memory overcommit and can store the memory of guests in swap. A guest will run slower if it is swapped frequently. When KSM is used, make sure that the swap size is the size of the overcommit ratio.
- CPU overcommit
It is not recommended to have more than 10 virtual CPUs per physical processor core. Any number of overcommitted virtual CPUs above the number of physical processor cores may cause problems with certain virtualized guests.
- Virtualized SCSI devices
SCSI emulation is limited to 16 virtualized (emulated) SCSI devices..
- Virtualized IDE devices
KVM is limited to a maximum of four virtualized (emulated) IDE devices per guest.
- Para-virtualized devices
Para-virtualized devices, which use the virtio
drivers, are PCI devices. Presently, guests are limited to a maximum of 32 PCI devices. Some PCI devices are critical for the guest to run and these devices cannot be removed. The default, required devices are:
the host bridge,
the ISA bridge and usb bridge (The usb and isa bridges are the same device),
the graphics card (using either the Cirrus or qxl driver), and
the memory balloon device.
Out of the 32 available PCI devices for a guest 4 are not removable. This means there are only 28 PCI slots available for additional devices per guest. Every para-virtualized network or block device uses one slot. Each guest can use up to 28 additional devices made up of any combination of para-virtualized network, para-virtualized disk devices, or other PCI devices using VT-d.
- Migration limitations
Live migration is only possible with CPUs from the same vendor (that is, Intel to Intel or AMD to AMD only).
The No eXecution (NX) bit must be set to on or off for both CPUs for live migration.
- Storage limitations
The host should not use disk labels to identify file systems in the fstab
file, the initrd
file or used by the kernel command line. If less privileged users, especially virtualized guests, have write access to whole partitions or LVM volumes the host system could be compromised.
Guest should not be given write access to whole disks or block devices (for example, /dev/sdb
). Virtualized guests with access to block devices may be able to access other block devices on the system or modify volume labels which can be used to compromise the host system. Use partitions (for example, /dev/sdb1
) or LVM volumes to prevent this issue.
- SR-IOV limitations
SR-IOV is only supported with the following devices:
Intel® 82576NS Gigabit Ethernet Controller (igb
driver)
Intel® 82576EB Gigabit Ethernet Controller (igb
driver)
Neterion X3100 Series 10GbE PCIe (vxge
driver)
Intel® 82599ES 10 Gigabit Ethernet Controller (ixgbe
driver)
Intel® 82599EB 10 Gigabit Ethernet Controller (ixgbe
driver)
- PCI passthrough limitations
PCI passthrough (attaching PCI devices to guests) should work on systems with the AMD IOMMU or Intel VT-d technologies.